Is Blockchain the key to our IoT security future?

There are plenty of proponents who see Blockchain as more than a platform for the financial institutions of this world. Consultant Mark Kovarski is one of them.

Mark Kovarski, independent consultant and Blockchain strategist

“I’m very big on Blockchain, he said. “I said it two years ago, and I’m saying it now. A lot of people don’t get the implications of Blockchain beyond financial services, but it could change everything from how services will be delivered and consumed to how political systems are run. Bitcoin was just paving the way from a technology maturity perspective.”

While the applications may be varied, one key trigger that could push Blockchain mainstream is the growing security concern around the Internet of Things. “There is no true security in IoT without Blockchain,” Kovarski argued.

The most significant change that IoT brings to the table is a shift from centralized databases and hierarchical structures to more decentralized ICT models, which is why Blockchain is the ideal security platform, he noted. “The biggest thing about Blockchain is its immutability. Once a record goes into a Blockchain database, it gets replicated by whatever number of nodes it gets distributed to. No hacker can go in and modify it.”

Consider a Blockchain platform distributed across 1,000 nodes. Once a record goes in, it cannot be changed: even if someone tries to alter one of the nodes, the others will not be affected. “The hacker would have to go in and somehow replicate what they are trying to alter. That’s impossible…at least so far,” Kovarski said.

This immutability also enables safe and secure transparency. “With Blockchain, you can build systems that provide transparency on the part of multiple parties and verify things,” Kovarski said. ‘When it comes to IoT security in Blockchain, that verification piece is going to be big, Due to the distributed nature of the database, whatever information you have can’t be altered and hence can be shared with trusted to other parties. This much more open system has huge implications for areas such as healthcare.”

At DCD Canada Converged held in Toronto this October, author of The Business Blockchain and conference keynote speaker William Mougayar, explained the security aspects of Blockchain by referencing the “Byzantine General’s problem,” in which a general must rely a message to nine generals prior to launching a coordinated an attack. In passing a message on the timing of the attack from one general to another, the question is, how does the general know if a traitor is in the middle of the information transfer who will alter the nature of the message? If there is a traitor in the chain altering the information, the army would be split and that attack would fail.

Mougayar said the Blockchain timing principle would solve that question. “What if every general has to spend 10 minutes writing a long message before sending the messenger to the next general? If the third or fourth general wanted to cheat, he would have to spend his 10 minutes on his message and then rewrite the previous histories. Anyone who took longer than 10 minutes would be the traitor.”

An added security feature is that Blockchain has the potential to eliminate the need for intermediaries – such as a financial institution – to disrupt transmission. “When a bank is moving funds for a client, they’re the ones in the middle updating the database,” Mougayar said. “Since Blockchain can do it peer-to-peer, nobody is in the middle checking the integrity of the message. If everyone is on the same page, there’s no need for two databases to try to synch and catch up with each other. Instead, you can replace two databases with a single ledger for all entries which is immutable. The integrity of the transaction is always preserved.”

While the financial industry is an obvious play for Blockchain, Mougayar said it can apply to all facets of a digital world where intermediaries are involved in transferring data, whether it’s money or other assets with digital value such as stocks, bonds, votes, or legal transactions.

Kovarski noted that potential applications could range from support for public sector services and land transfer titles to voting rights and humanitarian work, such as the identification of orphans at risk in emerging markets. “Identification is going to be massive.”

Manufacturing is another area where data integrity is critical, he said. “What if you took every piece of equipment and every part and registered them on a Blockchain platform? There are also firms in the drone industry doing research into sensors in [agricultural] fields that are all connected. [By analyzing the data that is generated] You can automatically order supplies, do cheaper flyovers and calculate yields and where water is needed. Connecting all those things securely on a single Blockchain platform is a very powerful tool for verification.”

The coming year will see more substantial proof of concept and first production deployments as concerns over cybersecurity grow, Kovarski said. “Old cybersecurity threats are coming to light more and more, and traditional tools we have today are no longer enough. It’s only a matter of time before we see rollout and deployment of new security solutions.”

The key point is that with Blockchain there is no single point of failure. “Today an attack on one system or node can bring down everything. With blockchain it’s distributed. You would have to bring down thousands of nodes. Now it’s just a matter of Blockchain proving itself – and it will.”

InsightaaS is a boutique analyst firm, and is a unique destination site for IT and business managers interested in exploring the ‘why’ in enterprise technology.
InsightaaS fills a niche between the trade press and traditional analyst firms: we provide more depth of analysis than the press, and unlike leading analyst firms like Gartner Group, we focus on engagements that allow us to share the insights we develop with the broader community.